SUSE CVE-2021-47605

In the Linux kernel, the following vulnerability has been resolved: vduse: fix memory corruption in vdusedevioctl The "config.offset" comes from the user. There needs to a check to prevent it being out of bounds. The "config.offset" and "dev-configsize" variables are both type u32. So if the offs...

SUSE CVE-2022-48747

In the Linux kernel, the following vulnerability has been resolved: block: Fix wrong offset in biotruncate biotruncate clears the buffer outside of last block of bdev, however current biotruncate is using the wrong offset of page. So it can return the uninitialized data. This happened when both o...

Linux kernel security vulnerabilities

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an invalid PDI offset in the soundwire:cadence module...

CVE-2022-48747

In the Linux kernel, the following vulnerability has been resolved: block: Fix wrong offset in biotruncate biotruncate clears the buffer outside of last block of bdev, however current biotruncate is using the wrong offset of page. So it can return the uninitialized data. This happened when both o...

CVE-2022-48747

In the Linux kernel, the following vulnerability has been resolved: block: Fix wrong offset in biotruncate biotruncate clears the buffer outside of last block of bdev, however current biotruncate is using the wrong offset of page. So it can return the uninitialized data. This happened when both o...

CVE-2022-48747

In the Linux kernel, the following vulnerability has been resolved: block: Fix wrong offset in biotruncate biotruncate clears the buffer outside of last block of bdev, however current biotruncate is using the wrong offset of page. So it can return the uninitialized data. This happened when both o...

DEBIAN-CVE-2022-48747

In the Linux kernel, the following vulnerability has been resolved: block: Fix wrong offset in biotruncate biotruncate clears the buffer outside of last block of bdev, however current biotruncate is using the wrong offset of page. So it can return the uninitialized data. This happened when both o...

UBUNTU-CVE-2022-48747

In the Linux kernel, the following vulnerability has been resolved: block: Fix wrong offset in biotruncate biotruncate clears the buffer outside of last block of bdev, however current biotruncate is using the wrong offset of page. So it can return the uninitialized data. This happened when both o...

CVE-2022-48747

CVE-2022-48747 affects the Linux kernel in the block.bio_truncate() path. The vulnerability stems from a wrong page offset being used, causing bio_truncate() to clear data outside the last block of a block device and potentially return uninitialized data when both truncated/corrupted FS and users...

CVE-2022-48747

In the Linux kernel, the following vulnerability has been resolved: block: Fix wrong offset in biotruncate biotruncate clears the buffer outside of last block of bdev, however current biotruncate is using the wrong offset of page. So it can return the uninitialized data. This happened when both o...

CVE-2022-48747 block: Fix wrong offset in bio_truncate()

In the Linux kernel, the following vulnerability has been resolved: block: Fix wrong offset in biotruncate biotruncate clears the buffer outside of last block of bdev, however current biotruncate is using the wrong offset of page. So it can return the uninitialized data. This happened when both o...

Linux kernel security vulnerabilities

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that originates from an incorrect offset in the block module biotruncate...

DEBIAN-CVE-2021-47605

In the Linux kernel, the following vulnerability has been resolved: vduse: fix memory corruption in vdusedevioctl The "config.offset" comes from the user. There needs to a check to prevent it being out of bounds. The "config.offset" and "dev-configsize" variables are both type u32. So if the offs...

CVE-2021-47604

In the Linux kernel, the following vulnerability has been resolved: vduse: check that offset is within bounds in getconfig This condition checks "len" but it does not check "offset" and that could result in an out of bounds read if "offset dev-configsize". The problem is that since both variables...

DEBIAN-CVE-2021-47604

In the Linux kernel, the following vulnerability has been resolved: vduse: check that offset is within bounds in getconfig This condition checks "len" but it does not check "offset" and that could result in an out of bounds read if "offset dev-configsize". The problem is that since both variables...

CVE-2021-47605 vduse: fix memory corruption in vduse_dev_ioctl()

In the Linux kernel, the following vulnerability has been resolved: vduse: fix memory corruption in vdusedevioctl The "config.offset" comes from the user. There needs to a check to prevent it being out of bounds. The "config.offset" and "dev-configsize" variables are both type u32. So if the offs...

CVE-2021-47604 vduse: check that offset is within bounds in get_config()

In the Linux kernel, the following vulnerability has been resolved: vduse: check that offset is within bounds in getconfig This condition checks "len" but it does not check "offset" and that could result in an out of bounds read if "offset dev-configsize". The problem is that since both variables...

CVE-2021-47604 vduse: check that offset is within bounds in get_config()

In the Linux kernel, the following vulnerability has been resolved: vduse: check that offset is within bounds in getconfig This condition checks "len" but it does not check "offset" and that could result in an out of bounds read if "offset dev-configsize". The problem is that since both variables...

DEBIAN-CVE-2024-38604

In the Linux kernel, the following vulnerability has been resolved: block: refine the EOF check in blkdeviomapbegin blkdeviomapbegin rounds down the offset to the logical block size before stashing it in iomap-offset and checking that it still is inside the inode size. Check the isize check to th...

UBUNTU-CVE-2024-38604

In the Linux kernel, the following vulnerability has been resolved: block: refine the EOF check in blkdeviomapbegin blkdeviomapbegin rounds down the offset to the logical block size before stashing it in iomap-offset and checking that it still is inside the inode size. Check the isize check to th...